
Tut Systems SMS2000 User Manual


Authentication

TUT Systems, Inc

Page 53 of 104

P/N 220-06288-20

• Support RADIUS ports 1812 and 1813 for RADIUS request and accounting ports (per official RADIUS assigned ports)

• Support Session-Timeout attribute
• Support Idle-Timeout attribute
• Set the NAS type parameter

Note: RADIUS packages are available for all major Linux distributions.


When you communicate with the RADIUS server, use a shared secret of your choosing to:

• Authenticate the SMS2000 with the RADIUS server.
• Verify responses returned from the RADIUS server to the SMS2000.
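How the shared secret lets a RADIUS client verify a server's reply, shown as an added example that is not part of the original manual and is not SMS2000 code. It follows the Response Authenticator calculation from RFC 2865; the secret, request authenticator and attribute values are constructed samples, and the function names are hypothetical.

```python
import hashlib
import hmac
import struct

def response_authenticator(code, ident, attrs, request_auth, secret):
    """RFC 2865: MD5(Code + ID + Length + RequestAuth + Attributes + Secret)."""
    header = struct.pack("!BBH", code, ident, 20 + len(attrs))
    return hashlib.md5(header + request_auth + attrs + secret).digest()

def build_response(code, ident, attrs, request_auth, secret):
    """Server side: assemble a reply bound to the request and the shared secret."""
    auth = response_authenticator(code, ident, attrs, request_auth, secret)
    return struct.pack("!BBH", code, ident, 20 + len(attrs)) + auth + attrs

def verify_response(packet, ident, request_auth, secret):
    """Client (NAS) side: accept a reply only if it matches our request and secret."""
    if len(packet) < 20:
        return False
    code, rid, length = struct.unpack("!BBH", packet[:4])
    if rid != ident or length < 20 or length > len(packet):
        return False
    packet = packet[:length]  # bytes beyond Length are padding and are ignored
    expected = response_authenticator(code, rid, packet[20:], request_auth, secret)
    return hmac.compare_digest(expected, packet[4:20])

# Constructed sample values (assumptions, not taken from the manual)
SECRET = b"example-shared-secret"
REQUEST_AUTH = bytes(range(16))  # the 16 random bytes the client sent in its request
ACCESS_ACCEPT = 2
# Session-Timeout (type 27) = 3600 s, Idle-Timeout (type 28) = 600 s
ATTRS = struct.pack("!BBI", 27, 6, 3600) + struct.pack("!BBI", 28, 6, 600)

def demo():
    good = build_response(ACCESS_ACCEPT, 7, ATTRS, REQUEST_AUTH, SECRET)
    forged = build_response(ACCESS_ACCEPT, 7, ATTRS, REQUEST_AUTH, b"wrong-secret")
    tampered = good[:-1] + b"\x00"  # alters Idle-Timeout from 600 to 512 in transit
    return [verify_response(p, 7, REQUEST_AUTH, SECRET)
            for p in (good, forged, tampered)]

if __name__ == "__main__":
    print(demo())
```

Because the only key material in this check is the shared secret, a long random secret is what makes a reply hard to forge.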

Note: The auth add radius command does not automatically assume that the same RADIUS server (with the same name and secret) is used for accounting. You must configure the accounting server with these settings using the acct add command.


Command:

auth add radius server[:auth_port[:acct_port]] secret secret [retrans=times] [retrans-primary-only=times] [timeout=seconds] [deadtime=minutes] [alias]

Syntax Description

| Syntax | Description |
|---|---|
| server | IP address or hostname of the RADIUS server. |
| secret | Password to authenticate the SMS2000 with a RADIUS server. |
| auth_port | Optional TCP/UDP port on which to contact the RADIUS server for RADIUS authentication requests. Default is 1812. |
| acct_port | Optional TCP/UDP port on which to contact the RADIUS server for RADIUS accounting requests. Default is 1813. |
| retrans=times | Optional parameter indicating the number of retransmissions to a RADIUS server with no response. The total number of transmissions is retrans plus one. |
| retrans-primary-only=times | Optional parameter indicating the number of retransmissions to the primary RADIUS server before simultaneously trying backup and primary servers. Must be less than retrans. The total number of transmissions to the primary only, before contacting backup servers, is retrans-primary-only plus one. |
| timeout=seconds | Optional parameter indicating the total number of seconds to wait after transmitting a request to this RADIUS server without a response. |
| deadtime=minutes | Optional parameter indicating the number of minutes after a RADIUS server fails to respond to an initial RADIUS request and retrans retries before attempting to use that server again. After failing to respond, a RADIUS server will be DEAD for this number of minutes. |